45150.exe malware

Greetings, I have a PC with windows XP I recently downloaded a file “generation.zero.dvd.45150.exe” from a dvd download site. I checked the file with Malwarebytes and avast which said it was clear of malware and viruses. I clicked on it and the file disappeared. I then found my computer network and internet shut down. I tried re-setting everything but it did not work. I booted up Ubuntu and the network ran fine. Back to XP I tried one system restore which did not work. I did a second restore from farther back and after re-setting everything again, everything seems back to normal. I am now running some virus and malware scans to be sure. I don’t know what happened, but I smell a RAT. I downloaded the file again; it is simply identified as a binary file. Can anyone tell me what this is? BTW for those that don’t know, 5150 is cop code for a crazy person, so 4 5150 seems to be a warning.

edit: malwarebytes found a Trojan.Downloader

If you have the file, upload it to VirusTotal and have it tested by 41 virus scanners (max 20mb) www.virustotal.com
if it have been scanned before click rescan, when you have the result copy the URL in the address bar and post it here

Remember to update malwarebytes before you scan, you may post the scan log here

And send it in : virus@avast.com in a password protected archive.

Success! For some reason, Avast found the virus today when I right clicked on the file. It was a Trojan Horse, Win32:Dropper-gen. Avast lead me through a pre-boot scan and routed out the sucker! Thanks for your responses…

Hi malware fighters,

This is the malcode a dropper: http://www.prevx.com/filenames/X802613065297517351-X1/REKORDBOX.45150.EXE.html
Removal: http://rs-free-download.com/download/MakeMusic.Finale.2010a.v15.1.r2.45150.exe%20virus.html

polonus

This is the site I downloaded the virus.

hxxp://hqwarez.com/download/generation+zero+documentary+torrent.html ← DANGER Win32:Dropper VIRUS. DO NOT DOWNLOAD ANY FILE FROM THIS SITE!

Click on any of the downloads and you’ll get the “generation.zero.dvd.45150.exe”. Downloading and opening this file will load the virus.

DANGER

It appears your site, hxxp://rs-free-download.com/download/MakeMusic.Finale.2010a.v15.1.r2.45150.exe%20virus.html will also load the virus.

edit. oops, my bad… links no longer active


Welcome to the forums, onespeedbiker :slight_smile:

Please edit your links above so that they are not active links to malware.

An example would be changing http to hxxp to make the link inactive.


The filname has changed

VirusTotal - generation.zero.documentary.torre - 7/41
http://www.virustotal.com/analisis/d2788d7486782ad9c08a3407090ee90c96eee88464e43a5eda16d41159c10f1e-1278517556